DocumentCode
2704467
Title
Intrusion detection and security policy framework for distributed environments
Author
El Kalam, Anas Abou ; Briffaut, Jérémy ; Toinard, Christian ; Blanc, Mathieu
Author_Institution
Lab. d´´lnformatique Fondamentale d´´Orleans, CNRS, Orleans
fYear
2005
fDate
20-20 May 2005
Firstpage
100
Lastpage
105
Abstract
This paper presents a novel intrusion detection approach and a new infrastructure to enforce the security policy within a distributed system. The solution guarantees the consistency of the security policy and prevents any accidental or malicious update (of the local policies). The control is carried out locally (in each host) in accordance with a meta-policy that enables a distributed control to update a global security policy while satisfying global security properties. The solution is more robust in terms of fault-tolerance and resists to denial of service attacks since the solutions carries out all the control locally. Two levels of intrusion detection are proposed to guaranty the integrity and the consistency of the distributed policy. The first level (meta-level, or administration level) guarantees that each local policy evolves according to the global security properties. This level detects attacks trying inadequate alterations of the local security policies. The second level corresponds to a classical intrusion detection system. But, it can take advantages of the local policy to detect attacks that violate the security objectives. That second level enables to integrate and to adjust various classical IDS. Our approach enforces the security of large scale systems
Keywords
distributed processing; fault tolerant computing; large-scale systems; security of data; denial of service attack; distributed environment; fault-tolerance; global security policy framework; intrusion detection system; large scale system security; local security policy framework; malicious update; meta-policy; Access control; Computer crime; Computer security; Data security; Distributed control; Information security; Intrusion detection; Large-scale systems; Resists; Robust control;
fLanguage
English
Publisher
ieee
Conference_Titel
Collaborative Technologies and Systems, 2005. Proceedings of the 2005 International Symposium on
Conference_Location
St Louis, MO
Print_ISBN
0-7695-2387-0
Type
conf
DOI
10.1109/ISCST.2005.1553300
Filename
1553300
Link To Document